diff --git a/FAQ.md b/FAQ.md index e9ed301599..7fd1bfb531 100644 --- a/FAQ.md +++ b/FAQ.md @@ -2092,8 +2092,8 @@ The error '*Handshake failed SSL handshake terminated ... SSLV3_ALERT_HANDSHAKE_ can be caused by [this Android 7.0 bug](https://issuetracker.google.com/issues/37122132). This can unfortunately not be fixed by FairEmail. The error '*Handshake failed ... UNSUPPORTED_PROTOCOL or TLSV1_ALERT_PROTOCOL_VERSION or SSLV3_ALERT_HANDSHAKE_FAILURE ...*' -might be caused by enabling **hardening connections**, or requiring TLS 1.3 in the connection settings -or by Android not supporting older protocols anymore, like SSLv3. +might be caused by enabling **hardening connections** or **Bouncy Castle** in the connection settings tab page, +or by Android not supporting older protocols anymore, like SSLv3 and TLSv1. Android 8 Oreo and later [do not support](https://developer.android.com/about/versions/oreo/android-8.0-changes#security-all) SSLv3 anymore. There is no way to workaround lacking RC4 and SSLv3 support because it has completely been removed from Android (which should say something). diff --git a/index.html b/index.html index 11e2e7a62c..a4251cff78 100644 --- a/index.html +++ b/index.html @@ -1172,7 +1172,7 @@ X-Google-Original-From: Somebody <somebody+extra@example.org>

The error ‘Handshake failed … SSLV3_ALERT_ILLEGAL_PARAMETER …’ is either caused by a bug in the SSL protocol implementation or by a too short DH key on the email server and can unfortunately not be fixed by FairEmail.

The error ‘Handshake failed … HANDSHAKE_FAILURE_ON_CLIENT_HELLO …’ might be caused by the provider still using RC4, which isn’t supported since Android 7 anymore.

The error ‘Handshake failed SSL handshake terminated … SSLV3_ALERT_HANDSHAKE_FAILURE … HANDSHAKE_FAILURE_ON_CLIENT_HELLO’ can be caused by this Android 7.0 bug. This can unfortunately not be fixed by FairEmail.

-

The error ‘Handshake failed … UNSUPPORTED_PROTOCOL or TLSV1_ALERT_PROTOCOL_VERSION or SSLV3_ALERT_HANDSHAKE_FAILURE …’ might be caused by enabling hardening connections, or requiring TLS 1.3 in the connection settings or by Android not supporting older protocols anymore, like SSLv3.

+

The error ‘Handshake failed … UNSUPPORTED_PROTOCOL or TLSV1_ALERT_PROTOCOL_VERSION or SSLV3_ALERT_HANDSHAKE_FAILURE …’ might be caused by enabling hardening connections or Bouncy Castle in the connection settings tab page, or by Android not supporting older protocols anymore, like SSLv3 and TLSv1.

Android 8 Oreo and later do not support SSLv3 anymore. There is no way to workaround lacking RC4 and SSLv3 support because it has completely been removed from Android (which should say something).

Please see here for an overview of supported protocols and cipher suites by Android version.

You can use this website or this website to check for SSL/TLS problems of email servers.